WHAT IS CLAIMED IS: 



1 1 . A method for distributing program content in a network, said network 

2 comprising a server for providing said program content, a client operable for communicating 

3 with said server across said network, and a caching server operable for storing a copy of said 

4 program content, said method comprising: 

5 establishing a rule defining whether said client is entitled to receive 

6 said program content; 

7 storing said rule on said network; 

8 allowing said client to request said program content from said network; 

, 2 comparing said rule to a record describing at least one entitlement 

II) characteristic of said client so as to determine whether said client is entitled to receive said 

II program content before distributing a key to said client for decrypting said program content; 

M 

I? and 

|u 

|8 multicasting said program content. 

2. The method as described in claim 1 wherein said rule is comprised of a 

% -}k method of payment. 

pi 3 . The method as described in claim 1 wherein said rule is comprised of a 

2 subscription identifier. 

1 4. The method as described in claim 1 wherein said rule is comprised of a 

2 restriction based on the location of where said program content is to be delivered. 

1 5. The method as described in claim 1 wherein said rule is comprised of a 

2 restriction based on a content rating for a user. 

1 6. The method as described in claim 1, wherein said at least one 

2 entitlement characteristic comprises information indicating a physical location of said client. 

1 7. The method as described in claim 1, wherein said at least one 

2 entitlement characteristic comprises information indicating at least one service subscribed to 

3 by said client. 
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1 8. The method as described in claim 1, wherein said at least one 

2 entitlement characteristic comprises data for use in authenticating said client with said 

3 caching server. 

1 9. The method as described in claim 1, wherein said at least one 

2 entitlement characteristic is stored by said client in a ticket. 

1 10. The method as described in claim 1, wherein said at least one 

2 entitlement characteristic is communicated from said client to said caching server. 

1 11. The method as described in claim 1 and further comprising not 

2 permitting said client to alter said at least one entitlement characteristic. 

1*1 12. The method as described in claim 1 and further comprising encrypting 

|| said at least one entitlement characteristic so as to prevent said client from altering said at 

J| least one entitlement characteristic. 

|*i 

PJ 13. The method as described in claim 1 wherein said multicasting said 

s 2 program content is begun before said comparing said rule to said record describing said at 

|J least one entitlement characteristic of said client. 

K 

l! 14. A method for distributing program content in a network, said network 

Q ■ 

Tt comprising a server for storing program content, a client operable for communicating with 

3 said server across said network, and a caching server operable for storing a copy of said 

4 program content, said method comprising: 

5 establishing a rule defining whether said client is entitled to receive 

6 said program content; 

7 allowing said client to request said program content from said server; 

8 receiving at said server a request from said client for said program 

9 content; and 

10 formatting a data record comprising an identifier to identify said 

1 1 program content and said rule for said program content. 

1 15. The method as described in claim 14 and further comprising: 
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> 

2 authenticating said data record. 

1 1 6. The method as described in claim 14 and further comprising: 

2 signing said data record so as to allow said caching server to 

3 authenticate said data record. 

1 17. The method as described in claim 1 6 wherein said authenticating said 

2 data record comprises: 

3 utilizing a trusted third party to provide an authentication key to said 

4 server for use in signing said data record and a verification key to said caching server for use 

5 in authenticating said data record. 

H 18. The method as described in claim 14 and further comprising: 

2 

II conveying said data record to said client. 

pi' - 19. The method as described in claim 14 and further comprising: 

s2 signing said data record; and 

|!j conveying said signed data record to said client. 

O 20. The method as described in claim 14 and further comprising: 

U 

2 signing said data record; 

3 conveying said signed data record to said client; and 

4 conveying said signed data record to said caching server from said 

5 client. 

1 21 . The method as described in claim 14 and further comprising: 

2 signing said data record; and 

3 conveying said signed data record to said caching server from said 

4 server. 

1 22. The method as described in claim 14 and further comprising: 
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2 signing said data record; 

3 conveying said signed data record to said client; 

4 conveying said signed data record to said caching server from said 

5 client; 

6 conveying an identifier identifying said program content from said 

7 client to said caching server; 

8 authenticating said data record at said caching server; 

9 allowing said caching server to determine whether said client is 
1 0 entitled to receive said program content. 

H 23. A method of distributing program content in a network, said network 

CI 

fl comprising a server, a client operable for communicating with said server across said 

J| network, and a caching server operable for storing a copy of said program content, said 

W method comprising: 

w 

M 

5 5 receiving a data record for said client for use in determining whether 

;[| said client is entitled to said program content; 

| 

p receiving a rule associated with said program content for use by said 

pf caching server so as to determine whether said client is entitled to said program content; 

9 utilizing said data record and said rule so as to determine whether said 

1 0 client is entitled to said program content; and 

1 1 multicasting said program content. 

1 24. The method as described in claim 23 and further comprising: 

2 conveying said program material to said client. 

1 25. The method as described in claim 23 and further comprising: 

2 decrypting said data record with a key received from a trusted third 

3 party, wherein said trusted third party is a trusted third party for said caching server and said 

4 server. 
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1 26. The method as described in claim 23 wherein said receiving said data 

2 record for said client comprises: 

3 receiving said data record from said client. 
4 



a 
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